{"vulnerability": "cve-2025-4634", "sightings": [{"uuid": "dc043eca-6a44-4196-aa2c-533561ca1108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46343", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnwsbufr4n2v", "content": "", "creation_timestamp": "2025-04-29T07:50:59.743778Z"}, {"uuid": "376929c2-4aa4-4560-a4a1-5464b4deb65b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46349", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lny2il475r2n", "content": "", "creation_timestamp": "2025-04-29T19:50:39.340201Z"}, {"uuid": "28077c4d-bcea-4f72-a5b8-a7ea00925ae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46347", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lny2ilg6ii22", "content": "", "creation_timestamp": "2025-04-29T19:50:41.213089Z"}, {"uuid": "4f102d5a-5ef4-4608-bd8b-ba71be29c0f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46348", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114423300046150064", "content": "", "creation_timestamp": "2025-04-29T21:10:02.200161Z"}, {"uuid": "902296b7-4137-4946-9756-92cbdf83ed66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46348", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114423451055151081", "content": "", "creation_timestamp": "2025-04-29T21:48:24.256606Z"}, {"uuid": "3fddb2e7-afd8-4f06-89c1-dcde7bb47fc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46344", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnyhw375k32t", "content": "", "creation_timestamp": "2025-04-29T23:50:49.248935Z"}, {"uuid": "3e456a5e-ea93-4679-a8a5-783d29ea9adb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46348", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnyhw3tqn52n", "content": "", "creation_timestamp": "2025-04-29T23:50:52.977640Z"}, {"uuid": "bcb52e1a-62e5-4ecf-8026-7d9ccf762b39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46348", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lnykwiebkd2g", "content": "", "creation_timestamp": "2025-04-30T00:44:40.636835Z"}, {"uuid": "aa7bbd69-d55c-49ad-a309-c0641e26f427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46342", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114427698692598891", "content": "", "creation_timestamp": "2025-04-30T15:48:38.743492Z"}, {"uuid": "1949ad2d-a3be-41c9-aa14-5a8963ff36d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46342", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114427741773438031", "content": "", "creation_timestamp": "2025-04-30T15:59:35.475037Z"}, {"uuid": "07224403-70a0-47d9-86d2-e141a9e7df8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46342", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo27rucdv72h", "content": "", "creation_timestamp": "2025-04-30T16:30:35.627251Z"}, {"uuid": "16da26f4-4fc9-4a72-aae4-37a61906c25e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46341", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqsq64pjlt42", "content": "", "creation_timestamp": "2025-06-04T21:18:13.583415Z"}, {"uuid": "fabaa043-cead-4cd4-b16d-45046f9951f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46341", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqsv6g2q352s", "content": "", "creation_timestamp": "2025-06-04T22:47:40.517695Z"}, {"uuid": "c6903e95-c489-499d-881b-f1d6e9f6a164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4634", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqeubcentnm2", "content": "", "creation_timestamp": "2025-05-30T08:55:08.336966Z"}, {"uuid": "a13e435b-9c19-4f5a-adb7-891084463c8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46349", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mcawtldqxw2h", "content": "", "creation_timestamp": "2026-01-12T21:02:59.261932Z"}, {"uuid": "13981390-4971-4136-8f8d-7e3192f83693", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46343", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13787", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46343\n\ud83d\udd25 CVSS Score: 5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting (XSS) through the attachments view endpoint. n8n workflows can store and serve binary files, which are accessible to authenticated users. However, there is no restriction on the MIME type of uploaded files, and the MIME type could be controlled via a GET parameter. This allows the server to respond with any MIME type, potentially enabling malicious content to be interpreted and executed by the browser. An authenticated attacker with member-level permissions could exploit this by uploading a crafted HTML file containing malicious JavaScript. When another user visits the binary data endpoint with the MIME type set to text/html, the script executes in the context of the user\u2019s session. This script could send a request to change the user\u2019s email address in their account settings, effectively enabling account takeover. This issue has been patched in version 1.90.0.\n\ud83d\udccf Published: 2025-04-29T04:35:16.684Z\n\ud83d\udccf Modified: 2025-04-29T04:35:16.684Z\n\ud83d\udd17 References:\n1. https://github.com/n8n-io/n8n/security/advisories/GHSA-c8hm-hr8h-5xjw\n2. https://github.com/n8n-io/n8n/pull/14350\n3. https://github.com/n8n-io/n8n/pull/14685\n4. https://github.com/n8n-io/n8n/releases/tag/n8n%401.90.0", "creation_timestamp": "2025-04-29T05:11:28.000000Z"}, {"uuid": "0e050a66-30f7-4abe-b5b3-7d6261a60ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46349", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13883", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46349\n\ud83d\udd25 CVSS Score: 7.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L)\n\ud83d\udd39 Description: YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file upload form. This vulnerability allows any malicious unauthenticated user to create a link that can be clicked on by the victim to perform arbitrary actions. This issue has been patched in version 4.5.4.\n\ud83d\udccf Published: 2025-04-29T17:11:10.679Z\n\ud83d\udccf Modified: 2025-04-29T18:01:20.769Z\n\ud83d\udd17 References:\n1. https://github.com/YesWiki/yeswiki/security/advisories/GHSA-2f8p-qqx2-gwr2\n2. https://github.com/YesWiki/yeswiki/pull/1264/commits/6edde40eb7eeb5d60619ac4d1e0a0422d92e9524", "creation_timestamp": "2025-04-29T18:12:20.000000Z"}, {"uuid": "ce217ff8-6e8b-41e0-ab9b-d53e3858a54b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46347", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13892", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46347\n\ud83d\udd25 CVSS Score: 5.8 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:P)\n\ud83d\udd39 Description: YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki vulnerable to remote code execution. An arbitrary file write can be used to write a file with a PHP extension, which then can be browsed to in order to execute arbitrary code on the server, resulting in a full compromise of the server. This could potentially be performed unwittingly by a user. This issue has been patched in version 4.5.4.\n\ud83d\udccf Published: 2025-04-29T17:11:05.404Z\n\ud83d\udccf Modified: 2025-04-29T17:11:05.404Z\n\ud83d\udd17 References:\n1. https://github.com/YesWiki/yeswiki/security/advisories/GHSA-88xg-v53p-fpvf\n2. https://github.com/YesWiki/yeswiki/commit/8fe5275a78dc7e0f9c242baa3cbac6b5ac1cc066", "creation_timestamp": "2025-04-29T18:12:32.000000Z"}, {"uuid": "c2476240-f920-40f4-ba0a-8f71c1c098a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46344", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13926", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46344\n\ud83d\udd25 CVSS Score: 4.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke `.setExpirationTime` when generating a JWE token for the session. As a result, the JWE does not contain an internal expiration claim. While the session cookie may expire or be cleared, the JWE remains valid. This issue has been patched in version 4.5.1.\n\ud83d\udccf Published: 2025-04-29T20:43:41.538Z\n\ud83d\udccf Modified: 2025-04-29T20:43:41.538Z\n\ud83d\udd17 References:\n1. https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-pjr6-jx7r-j4r6\n2. https://github.com/auth0/nextjs-auth0/commit/a4f061aed02ffa132feca8adfbd11704df17e1c3\n3. https://github.com/auth0/nextjs-auth0/releases/tag/v4.5.1", "creation_timestamp": "2025-04-29T21:13:27.000000Z"}, {"uuid": "1def283f-e3e9-4c07-bdd0-fe05c42839b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46348", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13929", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46348\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated. This could result in a malicious attacker making numerous requests to create archives and fill up the file system, or by downloading the archive which contains sensitive site information. This issue has been patched in version 4.5.4.\n\ud83d\udccf Published: 2025-04-29T20:39:40.423Z\n\ud83d\udccf Modified: 2025-04-29T20:39:40.423Z\n\ud83d\udd17 References:\n1. https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wc9g-6j9w-hr95\n2. https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530", "creation_timestamp": "2025-04-29T21:13:32.000000Z"}, {"uuid": "29564fc5-f9d2-474c-bde2-7fcbeaa4d468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46345", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14554", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46345\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Auth0 Account Link Extension is an extension aimed to help link accounts easily. Versions 2.3.4 to 2.6.6 do not verify the signature of the provided JWT. This allows the user the ability to supply a forged token and the potential to access user information without proper authorization. This issue has been patched in versions 2.6.7, 2.7.0, and 3.0.0. It is recommended to upgrade to version 3.0.0 or greater.\n\ud83d\udccf Published: 2025-05-01T17:20:24.010Z\n\ud83d\udccf Modified: 2025-05-02T17:39:32.800Z\n\ud83d\udd17 References:\n1. https://github.com/auth0-extensions/auth0-account-link-extension/security/advisories/GHSA-j2jh-rqff-7vmg\n2. https://github.com/auth0-extensions/auth0-account-link-extension/pull/187", "creation_timestamp": "2025-05-02T18:19:52.000000Z"}, {"uuid": "3937f471-3b70-4cbf-92b8-91c680677712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46342", "type": "seen", "source": "https://t.me/cvedetector/24108", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46342 - Kyverno Namespace Selector Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46342 \nPublished : April 30, 2025, 3:16 p.m. | 28\u00a0minutes ago \nDescription : Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selector(s) in their match statements are mistakenly not applied during admission review request processing due to a missing error propagation in function `GetNamespaceSelectorsFromNamespaceLister` in `pkg/utils/engine/labels.go`. As a consequence, security-critical mutations and validations are bypassed, potentially allowing attackers with K8s API access to perform malicious operations. This issue has been patched in versions 1.13.5 and 1.14.0. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-30T17:55:07.000000Z"}, {"uuid": "3cfae0ff-a797-47b4-ad35-203e2d6a3b5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46344", "type": "seen", "source": "https://t.me/cvedetector/24058", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46344 - Auth0 Next.js SDK: JWE Token Expiration Claim Omission\", \n  \"Content\": \"CVE ID : CVE-2025-46344 \nPublished : April 29, 2025, 9:15 p.m. | 1\u00a0hour, 51\u00a0minutes ago \nDescription : The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke `.setExpirationTime` when generating a JWE token for the session. As a result, the JWE does not contain an internal expiration claim. While the session cookie may expire or be cleared, the JWE remains valid. This issue has been patched in version 4.5.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-30T01:11:59.000000Z"}, {"uuid": "9bec79d3-4436-44af-89f5-d52b03c32bb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46349", "type": "seen", "source": "https://t.me/cvedetector/24040", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46349 - YesWiki Reflected Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46349 \nPublished : April 29, 2025, 6:15 p.m. | 39\u00a0minutes ago \nDescription : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file upload form. This vulnerability allows any malicious unauthenticated user to create a link that can be clicked on by the victim to perform arbitrary actions. This issue has been patched in version 4.5.4. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T21:01:13.000000Z"}, {"uuid": "ee4908c5-a075-4602-9f67-267903790b86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46348", "type": "seen", "source": "https://t.me/cvedetector/24053", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46348 - YesWiki Unauthenticated Archive Creation and Download Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46348 \nPublished : April 29, 2025, 9:15 p.m. | 1\u00a0hour, 51\u00a0minutes ago \nDescription : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated. This could result in a malicious attacker making numerous requests to create archives and fill up the file system, or by downloading the archive which contains sensitive site information. This issue has been patched in version 4.5.4. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-30T01:11:53.000000Z"}, {"uuid": "af49376b-5102-49c6-b600-23a3f8838263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46347", "type": "seen", "source": "https://t.me/cvedetector/24039", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46347 - YesWiki Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46347 \nPublished : April 29, 2025, 6:15 p.m. | 39\u00a0minutes ago \nDescription : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki vulnerable to remote code execution. An arbitrary file write can be used to write a file with a PHP extension, which then can be browsed to in order to execute arbitrary code on the server, resulting in a full compromise of the server. This could potentially be performed unwittingly by a user. This issue has been patched in version 4.5.4. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T21:01:12.000000Z"}, {"uuid": "9d2caf29-49c9-4184-8987-970322165e17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46346", "type": "seen", "source": "https://t.me/cvedetector/24022", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46346 - YesWiki Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46346 \nPublished : April 29, 2025, 4:15 p.m. | 30\u00a0minutes ago \nDescription : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, a stored cross-site scripting (XSS) vulnerability was discovered in the application\u2019s comments feature. This issue allows a malicious actor to inject JavaScript payloads that are stored and later executed in the browser of any user viewing the affected comment. The XSS occurs because the application fails to properly sanitize or encode user input submitted to the comments. Notably, the application sanitizes or does not allow execution of `\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T19:20:38.000000Z"}, {"uuid": "11a9e112-33f0-4634-b9ce-688c99586380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46343", "type": "seen", "source": "https://t.me/cvedetector/23979", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46343 - n8n Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46343 \nPublished : April 29, 2025, 5:15 a.m. | 1\u00a0hour, 2\u00a0minutes ago \nDescription : n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting (XSS) through the attachments view endpoint. n8n workflows can store and serve binary files, which are accessible to authenticated users. However, there is no restriction on the MIME type of uploaded files, and the MIME type could be controlled via a GET parameter. This allows the server to respond with any MIME type, potentially enabling malicious content to be interpreted and executed by the browser. An authenticated attacker with member-level permissions could exploit this by uploading a crafted HTML file containing malicious JavaScript. When another user visits the binary data endpoint with the MIME type set to text/html, the script executes in the context of the user\u2019s session. This script could send a request to change the user\u2019s email address in their account settings, effectively enabling account takeover. This issue has been patched in version 1.90.0. \nSeverity: 5.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T08:28:14.000000Z"}, {"uuid": "02d6a5be-572c-4a16-a56b-86b0da56f0ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46342", "type": "seen", "source": "Telegram/Gwvh-n-ygZ7AZvt4Z14lI64V1AihU4WxZxoYYl7z1l7jTPI", "content": "", "creation_timestamp": "2025-04-30T17:32:01.000000Z"}, {"uuid": "52ec2cd2-521d-4cdc-9735-899a579a366e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46340", "type": "published-proof-of-concept", "source": "Telegram/bFFhDRsz5jITaIYyr2g-Li8Bq5utseX25ZdPNGHsnlhVzGo", "content": "", "creation_timestamp": "2025-05-06T03:23:35.000000Z"}, {"uuid": "0806d9cc-97c4-4148-92e1-5569ea5126fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46348", "type": "published-proof-of-concept", "source": "Telegram/B0mQm7D6n4K45Tyxh70ZGq4-hSEsF9uB1DRvduugCcWcgHU", "content": "", "creation_timestamp": "2025-04-29T23:00:34.000000Z"}, {"uuid": "5da7aaa4-5487-425a-a5ff-0b05a8470a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46349", "type": "published-proof-of-concept", "source": "Telegram/KFrCOSu3LGCSoC33LRQajUOfsycPM4aBiQ5_ifmvrLt0xH0", "content": "", "creation_timestamp": "2025-04-29T20:01:14.000000Z"}, {"uuid": "36f1f66e-a5d0-41b7-9968-6f8d83107653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-46340", "type": "seen", "source": "https://t.me/cvedetector/24485", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46340 - Misskey CSS Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-46340 \nPublished : May 5, 2025, 7:15 p.m. | 20\u00a0minutes ago \nDescription : Misskey is an open source, federated social media platform. Starting in version 12.0.0 and prior to version 2025.4.1, due to an oversight in the validation performed in `UrlPreviewService` and `MkUrlPreview`, it is possible for an attacker to inject arbitrary CSS into the `MkUrlPreview` component. `UrlPreviewService.wrap` falls back to returning the original URL if it's using a protocol that is likely to not be understood by Misskey, IE something other than `http` or `https`. This both can de-anonymize users and_allow further attacks in the client. Additionally, `MkUrlPreview` doesn't escape CSS when applying a `background-image` property, allowing an attacker to craft a URL that applies arbitrary styles to the preview element. Theoretically, an attacker can craft a CSS injection payload to create a fake error message that can deceive the user into giving away their credentials or similar sensitive information. Version 2025.4.1 contains a patch for the issue. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-05T21:44:22.000000Z"}]}